Oil Exporters Attacked by Malware Similar to That Used to Attack Iran
August 17, 2012 12:30 PM
comment(s) - last by
Attack vector differs slightly from the "Wiper" the malware used to attack the Iranian oil industry
Using a malware package
with tools with names like "Wiper", U.S. and Israeli intelligence teams are suspected of a concerted
campaign designed to cripple
Iran's oil industry
, a key supplier of Chinese demand and lifeblood of the Middle Eastern giant's economy.
But now the U.S. energy sector finds itself under attack by a somewhat similar piece of malware dubbed Shamoon or Disttrack by researchers
) and Intel Corp. (
The malware is named for its resident directory -- C:\Shamoon\ArabianGulf\wiper\release\wiper.pdb -- which, of course, is likely to change as new variants pop up. Shamoon means "Simon" in Arabic. There's also
Shamoon College of Engineering
in Israel -- another possible local name connection.
The malware contains a string in its compilation directory "wiper", making it clear that the authors intended it as at least a homage to the Iran-targeting Wiper. But Kaspersky Lab says that unlike Stuxnet -- where the U.S.'s anti-Iranian code was decompiled and used by malicious hackers -- the new malware is likely only an imitation, not repackaging.
The code uses different file and service names than the original Wiper. It also attacks with different attack pattern, though the net goal is the same -- to destroy hard drive data on infected energy sector computers.
Kaspersky Labs' analysis team
, "It is more likely that this is a copycat, the work of script kiddies inspired by the story."
But if script kiddies wrote the malware, they must be some pretty good ones. The malware has advanced networked propagation code, and overwrites the hard drive with a JPEG image found on the internet, preventing data recovery. While not exactly rocket science, those little touches are the kinds of sophistication oft overlooked by novice hackers.
Shamoon may have struck Saudi Arabia's oil industry, though infections are limited.
[Image Source: CNBC]
The state-owned Saudi Arabian Oil Comp., the world's largest oil producer and privately held company,
announced this week
that it was struck by a malware attack. It was unclear, however, whether Shamoon or a similar variant was responsible for the attack on one of America's largest foreign oil suppliers.
What is clear, based on expert reports is that the extent of infections is small, with Symantec reporting
less than 50 systems
This article is over a month old, voting and posting comments is disabled
RE: The United States...
8/19/2012 6:29:41 AM
My car runs on happy thoughts, unicorns, and rainbows. Also, forgot to mention sunshine.
RE: The United States...
8/20/2012 5:37:40 PM
How many miles per unicorn are you getting? Rainbows are hard enough to capture, but the unicorns are a bitch to find let alone catch, so I had to go back to powering my car with dreams and visions.
"I want people to see my movies in the best formats possible. For [Paramount] to deny people who have Blu-ray sucks!" -- Movie Director Michael Bay
Microsoft Tightens Security, Deals IT Folks Headaches in Flame Fight
July 12, 2012, 12:00 PM
Microsoft Aims to Harden Windows Update to Fight "Flame"
June 6, 2012, 2:24 PM
Iranian Oil Industry Hit with Cyber Attack
April 24, 2012, 10:31 AM
Google's Gleaming Glass HQ Gets Mountain View Snub, LinkedIn Gets the Love
May 7, 2015, 6:58 AM
Tech's Tax Day Fortunate Few: Qualcomm, Xerox, GE, et al. Pay Little or No Taxes
April 15, 2015, 11:30 AM
LinkNYC Terminals to Blanket New York City With Free WiFi, Free Calls, and Ads
November 17, 2014, 6:50 PM
Microsoft is Open-Sourcing Most of .NET, Adding OS X and Linux Support
November 12, 2014, 8:27 PM
Home Depot Lost 53 Million Emails, Blames Windows, Buys Execs New Macs
November 9, 2014, 5:00 PM
Former NSA Lawyer: If Google, Apple Encrypt User Data, They’ll Wither on the Vine Like Blackberry
November 6, 2014, 12:15 PM
Latest Blog Posts
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
More Blog Posts
Copyright 2016 DailyTech LLC. -
Terms, Conditions & Privacy Information